From c9b8622d6e7c6d5878b681f4a4dae7e48a7cb674 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Berm=C3=BChler?= <31950929+dbermuehler@users.noreply.github.com> Date: Tue, 29 Oct 2024 14:38:22 +0100 Subject: [PATCH] Added epss_score column to aws_inspector2_finding table (#2321) --- aws/table_aws_inspector2_finding.go | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/aws/table_aws_inspector2_finding.go b/aws/table_aws_inspector2_finding.go index 246ba3cb1..dfac7a96d 100644 --- a/aws/table_aws_inspector2_finding.go +++ b/aws/table_aws_inspector2_finding.go @@ -34,6 +34,7 @@ func tableAwsInspector2Finding(_ context.Context) *plugin.Table { {Name: "first_observed_at", Operators: []string{"<=", ">="}, Require: plugin.Optional}, {Name: "fix_available", Operators: []string{"=", "<>"}, Require: plugin.Optional}, {Name: "inspector_score", Operators: []string{"<=", ">="}, Require: plugin.Optional}, + {Name: "epss_score", Operators: []string{"<=", ">="}, Require: plugin.Optional}, {Name: "last_observed_at", Operators: []string{"<=", ">="}, Require: plugin.Optional}, {Name: "severity", Operators: []string{"=", "<>"}, Require: plugin.Optional}, {Name: "component_id", Operators: []string{"=", "<>"}, Require: plugin.Optional, CacheMatch: query_cache.CacheMatchExact}, @@ -102,7 +103,7 @@ func tableAwsInspector2Finding(_ context.Context) *plugin.Table { }, { Name: "type", - Description: "The type of the finding. Valid values are: NETWORK_REACHABILITY | PACKAGE_VULNERABILITY.", + Description: "The type of the finding. Valid values are: NETWORK_REACHABILITY | PACKAGE_VULNERABILITY | CODE_VULNERABILITY.", Type: proto.ColumnType_STRING, }, { @@ -303,6 +304,12 @@ func tableAwsInspector2Finding(_ context.Context) *plugin.Table { Type: proto.ColumnType_STRING, Transform: transform.FromField("PackageVulnerabilityDetails.VulnerabilityId"), }, + { + Name: "epss_score", + Description: "The finding's EPSS score.", + Type: proto.ColumnType_DOUBLE, + Transform: transform.FromField("Epss.Score"), + }, { Name: "exploitability_details", Description: "The details of an exploit available for a finding discovered in your environment.", @@ -665,6 +672,12 @@ var findingNumberFilters = []numberFilterField{ return &(f.InspectorScore) }, }, + { + columnName: "epss_score", + filterField: func(f *types.FilterCriteria) *[]types.NumberFilter { + return &(f.EpssScore) + }, + }, } var findingVulnerablePackageFilter = []vulnerablePackageFilter{